Show Your Papers!

They say a man’s home is his castle, and since my computer is my virtual home, I must have complete control over what goes on in it. When I see a stranger person walking around in my yard, he’s better be ready to tell me who he is, what company he works for, why he’s in there. Likewise, when I see a strange window running in my computer, I must have the ability to easily tell what it is, who makes it, when it was installed, etc.

Yes, one would think that being able to quickly identify any running window would be a basic feature of any modern so called window operation system. It’s 25 years after the first release of Microsoft Windows, and the sad truth is that you still often cannot easily identify running windows.

Look at the example below. If you are not familiar with this utility, and you came back to your laptop seeing this, would you know what it’s about? Should you click Yes or No? Is this a legitimate application, or something more sinister?

The first obvious problem is the missing message. That’s forgivable however. Bugs happen, files get corrupted, language resource files go missing, etc. What’s not acceptable is for the Windows OS not to provide any method to identify misbehaving windows.

So how about it Microsoft? Let us easily find out identifying information about any running Windows. Perhaps with with a click of a button, we can see:

Name of owning application/process

Name of vendor (if available)

Folder where executable resides

Date the application was installed

User who installed the application

If the user didn’t run the application himself, identify the parent process or service that launches the application (shortcut in Startup folder, registry, etc.)

Available code signatures

For now, if you want to identify any visible window, use Sysinternals’ Process Explorer. Drag the “Find Window’s Process” icon and drop it on top of the target window and Process Explorer will highlight the owner process in its window. From there, you can get the executable name, company name, folder location, etc.